How to remove RecoverKeysCmd.exe
- File Details
- Overview
- Analysis
RecoverKeysCmd.exe
The module RecoverKeysCmd.exe has been detected as Adware.OpenCandy
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
dbecc558201d971a6fddfbb1a55592c3 |
| Size: |
15 MB |
| First Published: |
2021-07-15 20:48:44 (4 years ago) |
| Latest Published: |
2025-11-05 23:01:32 (2 weeks ago) |
| Status: |
Adware.OpenCandy (on last analysis) |
|
| Analysis Date: |
2025-11-05 23:01:32 (2 weeks ago) |
Overview
| Signed By: |
ONE UP LTD. |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %programfiles% |
| %mydoc%\sauvegarde samsung 970 512 go\sauvegarde 16_05_2024\documents\recoverkey\ncrecoverkeysportable\app |
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000000400000 |
| Entry Address: |
0x005b60b0 |
| Name |
Size of data |
MD5 |
| .text |
5984768 |
cbda3138470d56d1bf28e322c24bab2b |
| .data |
676352 |
3085133453969944434297db645037d8 |
| .bss |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .idata |
13312 |
22f42f51b28d5ac7c3ee996d46263a91 |
| .didata |
1024 |
ebe482bad5232f93f67751ec4be0b471 |
| .tls |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .rdata |
512 |
d91f12b9e3d8c2ff3fed4c0ebdc4d870 |
| .pdata |
245248 |
89850c4f386ae58ee1deff6ea01f38c7 |
| .rsrc |
9195520 |
3412f7b25b83b66b0b2c9f78f2577666 |
